2023-11-21 Fidelity National Financial, Inc. Cybersecurity Incident

Page last updated on July 16, 2024

Fidelity National Financial, Inc. initially disclosed a cybersecurity incident in an SEC 8-K filing on 2023-11-21 17:06:23 EST.

Incident Details

Material: No
Is Breach: TRUE
Records Compromised: 1,316,938
Data Types Impacted: Loan Number, Social Security Number, Home address, Name

Compromised Date:
Detected Date: 2023-11-19
Disclosure Date: 2023-11-21
Contained Date: 2023-11-26
Recovered Date: 2024-01-09

Attack Goal: Theft

Costs: No Costs Tracked (yet)

Filings

8-K filed on 2023-11-21

Fidelity National Financial, Inc. filed an 8-K at 2023-11-21 17:06:23 EST
Accession Number: 0001331875-23-000064

Item 8.01 Other Events.

Fidelity National Financial, Inc. (“FNF” or the “Company”) recently became aware of a cybersecurity incident that impacted certain FNF systems. FNF promptly commenced an investigation, retained leading experts to assist the Company, notified law enforcement authorities, and implemented certain measures to assess and contain the incident. Among other containment measures, we blocked access to certain of our systems, which resulted in disruptions to our business. For example, the services we provide related to title insurance, escrow and other title-related services, mortgage transaction services, and technology to the real estate and mortgage industries, have been affected by these measures. Our majority-owned subsidiary, F&G Annuities & Life, a leading provider of insurance solutions, was not impacted by the incident.

Based on our investigation to date, FNF has determined that an unauthorized third party accessed certain FNF systems and acquired certain credentials. The investigation remains ongoing at this time.

FNF will continue to assess the impact of the incident and whether the incident may have a material impact on the Company.

We are working diligently to address the incident and to restore normal operations as quickly and safely as possible.


8-K/A filed on 2023-11-29

Fidelity National Financial, Inc. filed a 8-K/A at 2023-11-29 19:16:49 EST
Accession Number: 0001331875-23-000073

Explanatory Note.

This Current Report on Form 8-K/A (this “Current Report”) amends the Current Report on Form 8-K filed by Fidelity National Financial, Inc. (the “Company,” “FNF,” “we” or “our”) with the Securities and Exchange Commission (the “SEC”) on November 21, 2023 (the “Original Report”).

Item 8.01 Other Events.

On November 19, 2023, the Company became aware of a cybersecurity incident that impacted certain of our systems. We promptly commenced an investigation, retained leading experts to assist the Company, notified law enforcement authorities, regulatory authorities and other stakeholders and followed our incident response plans. In addition, we took containment measures such as blocking access to certain of our systems resulting in varying levels of disruption to our businesses. The incident was contained on November 26, 2023. The Company is restoring normal business operations and is coordinating with its customers.

The Company will continue to assess the impact of the incident and whether the incident may have a material impact on the Company.


8-K/A filed on 2024-01-09

Fidelity National Financial, Inc. filed a 8-K/A at 2024-01-09 16:10:21 EST
Accession Number: 0001331875-24-000005

Explanatory Note.

This Current Report on Form 8-K/A (this “Current Report”) amends the Current Report on Form 8-K filed by Fidelity National Financial, Inc. (the “Company,” “FNF,” “we” or “our”) with the Securities and Exchange Commission (the “SEC”) on November 21, 2023, as amended on November 30, 2023 (the “Original Report”).

Item 8.01 Other Events.

On November 19, 2023, the Company became aware of a cybersecurity incident that impacted certain of our systems. We promptly commenced an investigation, retained leading experts to assist the Company, notified law enforcement authorities, regulatory authorities and other stakeholders and followed our incident response plans. In addition, we took containment measures such as blocking access to certain of our systems resulting in varying levels of disruption to our businesses. The incident was contained on November 26, 2023. The systems used by the Company to provide services have been restored.

We completed our forensic investigation on December 13, 2023. We determined that an unauthorized third-party accessed certain FNF systems, deployed a type of malware that is not self-propagating, and exfiltrated certain data. The Company has no evidence that any customer-owned system was directly impacted in the incident, and no customer has reported that this has occurred. The last confirmed date of unauthorized third-party activity in the Company’s network occurred on November 20, 2023.

The Company has identified and analyzed the nature and scope of the affected systems and data. The Company has notified its affected customers and applicable state attorneys general and regulators, and approximately 1.3 million potentially impacted consumers; is providing credit monitoring, web monitoring, and identity theft restoration services; and is fielding questions from consumers.

The Company is continuing to coordinate with law enforcement, its customers, regulators, advisors and other stakeholders. FNF has been named as a defendant in several lawsuits related to this incident. The Company will vigorously defend itself against any litigation filed related to the incident.

At this time, we do not believe that the incident will have a material impact on the Company.


Company Information

NameFidelity National Financial, Inc.
CIK0001331875
SIC DescriptionTitle Insurance
TickerFNF - NYSE
Website
CategoryLarge accelerated filer
Fiscal Year EndDecember 30